Outt
Sett
Behavioral task
behavioral1
Sample
23ce13c39b07f56430a6fb5a4018385e_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
23ce13c39b07f56430a6fb5a4018385e_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
23ce13c39b07f56430a6fb5a4018385e_JaffaCakes118
Size
69KB
MD5
23ce13c39b07f56430a6fb5a4018385e
SHA1
d4195a72c977e9d38e339053c049c2f4cf5de962
SHA256
2b69f5efc4de122ef61399e847b5998a33d9aee4675da52849081ed92d0da29b
SHA512
4e9076e79d73f92b13a428032aee38cbe2eacf2ebf2ae008a7ab81229cc0a1c88e7f06b7dbe3a47c21c94c03d91a2fc16677f1b9ac1f70a3791eee125b5d78c3
SSDEEP
1536:Bm1NGJVGC66EmCxr5Blv9y1nN55XMuDPCiif3X:kX0VBpEHp5zg1N55XMmFi/X
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
23ce13c39b07f56430a6fb5a4018385e_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ